aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHerbert Eiselt <herbert.eiselt@highstreet-technologies.com>2020-08-28 13:42:47 +0000
committerGerrit Code Review <gerrit@onap.org>2020-08-28 13:42:47 +0000
commit05e9500d9652b0ec6c6ff5e7ed65a09393a63532 (patch)
tree9fbad3737b9141de17c882cdee0236dd44be169e
parent7484523c5b15b7dc1f00aae044d6ab5527147b6e (diff)
parent91a8f1eacdeb30a7c2e81d4c921c1f030d940496 (diff)
Merge "Add a configurable truststore for A1 adapter"
Former-commit-id: 6a9e13ac968d3210919c18714cd646621ac089ed
-rwxr-xr-xinstallation/sdnc/src/main/scripts/addA1TrustStore.sh28
-rwxr-xr-xinstallation/sdnc/src/main/scripts/startODL.oom.sh2
-rwxr-xr-xinstallation/sdnc/src/main/scripts/startODL.sh2
-rw-r--r--installation/src/main/stores/truststore.a1.adapter.jksbin0 -> 970 bytes
-rw-r--r--installation/src/main/yaml/docker-compose.yml6
5 files changed, 38 insertions, 0 deletions
diff --git a/installation/sdnc/src/main/scripts/addA1TrustStore.sh b/installation/sdnc/src/main/scripts/addA1TrustStore.sh
new file mode 100755
index 00000000..4e3fcab6
--- /dev/null
+++ b/installation/sdnc/src/main/scripts/addA1TrustStore.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+###
+# ============LICENSE_START=======================================================
+# Copyright (C) 2020 Nordix Foundation. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+###
+
+SDNC_STORE_DIR=${SDNC_STORE_DIR:-/opt/onap/sdnc/data/stores}
+A1_TRUSTSTORE=${SDNC_STORE_DIR}/truststore.a1.adapter.jks
+ONAP_TRUSTSTORE=${SDNC_STORE_DIR}/truststoreONAPall.jks
+
+if [ -f ${A1_TRUST_STORE} ]
+then
+ keytool -importkeystore -srckeystore ${A1_TRUSTSTORE} -srcstorepass ${A1_TRUSTSTORE_PASSWORD} -destkeystore ${ONAP_TRUSTSTORE} -deststorepass changeit
+fi
diff --git a/installation/sdnc/src/main/scripts/startODL.oom.sh b/installation/sdnc/src/main/scripts/startODL.oom.sh
index 409e27c9..1ce4a1b0 100755
--- a/installation/sdnc/src/main/scripts/startODL.oom.sh
+++ b/installation/sdnc/src/main/scripts/startODL.oom.sh
@@ -355,6 +355,8 @@ if [ ! -f ${SDNC_HOME}/.installed ]
then
echo "Installing SDN-C keyStore"
/bin/bash ${SDNC_HOME}/bin/addSdncKeyStore.sh
+ echo "Installing A1-adapter trustStore"
+ /bin/bash ${SDNC_HOME}/bin/addA1TrustStore.sh
if $ENABLE_ODL_CLUSTER ; then enable_odl_cluster ; fi
diff --git a/installation/sdnc/src/main/scripts/startODL.sh b/installation/sdnc/src/main/scripts/startODL.sh
index 14ffe2a3..86d1e09c 100755
--- a/installation/sdnc/src/main/scripts/startODL.sh
+++ b/installation/sdnc/src/main/scripts/startODL.sh
@@ -152,6 +152,8 @@ then
${SDNC_HOME}/bin/installSdncDb.sh
echo "Installing SDN-C keyStore"
${SDNC_HOME}/bin/addSdncKeyStore.sh
+ echo "Installing A1-adapter trustStore"
+ ${SDNC_HOME}/bin/addA1TrustStore.sh
#${CCSDK_HOME}/bin/installOdlHostKey.sh
diff --git a/installation/src/main/stores/truststore.a1.adapter.jks b/installation/src/main/stores/truststore.a1.adapter.jks
new file mode 100644
index 00000000..35eaceb8
--- /dev/null
+++ b/installation/src/main/stores/truststore.a1.adapter.jks
Binary files differ
diff --git a/installation/src/main/yaml/docker-compose.yml b/installation/src/main/yaml/docker-compose.yml
index 773d0616..96f9bb32 100644
--- a/installation/src/main/yaml/docker-compose.yml
+++ b/installation/src/main/yaml/docker-compose.yml
@@ -63,6 +63,12 @@ services:
- ODL_CERT_DIR=/tmp
- ODL_ADMIN_USERNAME=admin
- ODL_ADMIN_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ - A1_TRUSTSTORE_PASSWORD=a1adapter
+ # The default truststore for A1 adapter can be overridden by mounting a new
+ # truststore (uncomment the lines below), whereas the corresponding password
+ # should be updated in A1_TRUSTSTORE_PASSWORD environment variable (in the line above)
+ #volumes:
+ # - ./a1_truststore.jks:/opt/onap/sdnc/data/stores/truststore.a1.adapter.jks:ro
dns:
- ${DNS_IP_ADDR-10.0.100.1}
logging: